Following versions of the Common Criteria are to be used:
CC Version 3.1 was adopted by the member organisations of the Common Criteria Recognition Arrangement in September 2006 and was officially published according to the "Ordinance on the Procedure for Issuance of a Security Certificate" (BSI-Zertifizierungsverordnung) on February 23rd, 2007 in the "Federal Gazette" (Bundesanzeiger). This Version of the CC was submitted to the International Organization of Standardization (ISO). The Common Methodology for Information Security Evaluation CEM Version 3.1 was also adopted by the member organisations of the Common Criteria Recognition Arrangement. It defines the minimum actions to be performed by an evaluator in order to conduct a CC evaluation, using the criteria and evaluation evidence defined in the CC.